Abstract

A central problem in sensor network security is that sensors are susceptible to physical capture attacks. Once a sensor is compromised, the adversary can easily launch {\it clone attacks} by replicating the compromised node, distributing the clones throughout the network, and starting a variety of insider attacks.

Previous works against clone attacks suffer from either a high communication/storage overhead or a poor detection accuracy. In this paper, we propose a novel scheme for detecting clone attacks in sensor networks, which computes for each sensor a social fingerprint by extracting the neighborhood characteristics, and verifies the legitimacy of the originator for each message by checking the enclosed fingerprint.

The fingerprint generation is based on the super imposed disjunct code, which incurs a very light communication and computation overhead. The fingerprint verification is conducted at both the base station and the neighboring sensors, which ensures a high detection probability.

The security and performance analysis indicate that our algorithm can identify clone attacks with a high detection probability at the cost of a low computation/communication/storage overhead. To our best knowledge, our scheme is the first to provide realtime detection of clone attacks in an effective and efficient way.